Intel to Develop Hardware Rootkit Detection

Jack writes "ITO is running a story on Intel's latest initiative - a hardware rootkit detector: 'Intel is trying to eliminate the human factor when dealing with root-kits detection by developing a new hardware-based technique to discover and notify users when they are downloading unintentionally a root-kit to their computer.'"

Dumb idea

[obeythefist]

This has little or nothing to do with security and everything to do with Intel PR.

Intel has been smarting since AMD beat them to the punch with the NX bit.

The only thing a Rootkit will do that any other software install won't usually is over-write and modify a lot more system files than it should. Hardware can't be aware of which version of hal.dll you're supposed to be running (heck, it shouldn't even know you're running windows!). This really is something the O/S should be doing.

Which it does. If you follow best security practices, well, heck, you're not logged on with admin privelege anyway. So how is the rootkit going to overwrite your stuff anyway? Or has your system been compromised by a hacker through an open port exploit? So your firewall failed you and you haven't patched up your O/S, and if the hacker is installing the rootkit, there's no point stopping the rootkit, because he's already in and he's just installing his zombie housekeeping tools. It'll just slow him down a bit.

Re: Intel to Develop Hardware Rootkit Detection

[mslinux]

Who watches them now?